<?php include "../../../config.php";?>
<?php include ROOT_PATH_."/front/m2/coresection/checkUserSession.php";?>

<?php


$users=select_one_line_all_items($table_Prefix."user","mid = '$user_mid' ");

print_r2($users);

$password = $users['password'];

date_default_timezone_set('prc');

$password_old = md5($_REQUEST['oldPassword']);
$password_new = md5($_REQUEST['newPassword']);
$password_new_two = md5($_REQUEST['newPasswordTwo']);



if($password_new == $password_new_two){

    if($password_old == $password){
$table=$table_prefix."user";
$sql = "update $table set password = '$password_new' where mid = '$user_mid'";
$query = mysql_query($sql) or die ('更改密码失败！！');

    ?>

    <script type="text/javascript">
        alert("密码修改成功，点击确认返回继续操作！");
        document.location.href = "../user.php";
    </script>
<?


    }else{

        ?>

    <script type="text/javascript">
        alert("原密码错误，请重新确认密码！");
        // document.location.href = "../user.php";
    </script>

    <?

    }

}



else{
    ?>

    <script type="text/javascript">
        alert("新密码输入不一致，请重新确认新密码！");
       // document.location.href = "../user.php";
    </script>

<?
}



?>
